Imperas Software Ltd. announced the beta release of the ImperasDV architectural validation test suites for RISC-V Physical Memory Protection (PMP). The open standard ISA (Instruction Set Architecture) of RISC-V offers developers a wide range of standard extensions and options that support the design of an optimized processor while leveraging the ecosystem of compatibility. The RISC-V Privileged Specification includes PMP as a fundamental approach to memory protection that is essential in security applications that depend on TEE (Trusted Execution Environments) such as Keystone, OpenTitan, and many other leading techniques for security protection. Thus, functional verification of PMP is essential for any RISC-V processor targeted at security applications.
RISC-V processor implementations for security applications use physical memory protection (PMP) as a way to ensure memory isolation between key security applications and other activities. The RISC-V PMP specification provides a flexible and comprehensive approach based on control registers for the parameterization of modes to control the memory access, permissions, and policy. By using control registers, the actual policy and operation can be configured in software using the available hardware resources. The PMP policy thus can be configured to control the initial processor boot process and is fundamental to many systems that rely on a TEE for security applications.
RISC-V processor functional verification needs to ensure the design behaves as expected. In the case of the PMP functionality, due to the wide range of possible configurations and implementations, the architectural validation test suite also needs to cover the vulnerabilities that arise from a design error that enables an unnecessary or unwanted option. While some processor developers undertake both the design and test phases of a project, the advantage that third-party tests provide is an independent interpretation of the specification, which offers a valuable additional safeguard. This is especially important when the specification options selected for the target device are used to direct the test plan, since an unintended design error that includes an unnecessary and therefore untested feature could allow for a security vulnerability.
The Imperas Physical Memory Protection (PMP) Architectural Validation test suites are available now to ImperasDV users as a beta release, with a full production release scheduled for Q2 2022.